arne/openwrt
1
0
Fork 0
forked from mirror/openwrt
Code Pull requests Activity
openwrt/package/network/services/hostapd/patches/760-dynamic_own_ip.patch
Felix Fietkau 95c8b385e5 hostapd: update to Git HEAD (2025-08-26) 
33fb6c738bc4 P2P2: Enable some testing parameters without CONFIG_TESTING_OPTIONS
56616c4183a6 P2P2: Update device name with USD device found
1d791939dcdf Cancel pending connect radio work when network is removed
8235e21d7fe3 P2P: Fix preferred frequency list size handling in p2p_check_pref_chan()
4bc754d9c727 Add QCA vendor interface to enable/disable TX power limit
d65f5705df98 Add QCA vendor attribute to disable A-MSDU address check validation
74881765b7fb nl80211: Use i802_bss in qca_set_allowed_ap_freqs() to use correct ifindex
ca8303135cbb P2P2: Set P2P mode to the driver on P2P GO device
063ae7af68dc ACS: Fix incorrect index calculation for primary channel
4aa3a58377c1 ACS: Validate all channels in a segment before selection
02c9d3376224 ACS: Extend support to exclude 6 GHz non-PSC in non-offloaded ACS
307365eb57bb tests: Add test for ACS exclude 6 GHz non-PSC
0721e4886316 Add QCA vendor attribute to configure EHT RTWT support
76b39db44c77 QCA vendor attribute to configure BTM MLD Recommendation For Multiple APs support
2faeffdeca22 AP MLD: Properly deinit sm of non-ML STA connected to ML AP
e4f4e5a872a5 AP MLD: Fix STA's flag wrongly updated in SME-in-driver cases
ec6cade42c0f Increase buffer size to handle long freq_list entries in config
0522585da7b0 Write freq_list as per-network item in wpa_supplicant.conf
5e527704b912 Use SCS reconfiguration logic under CONFIG_NO_ROBUST_AV
5d6214a724c1 PASN: Clear driver/firwmare ranging context if PASN Auth 1 fails
14dc782d50db DPP: Avoid generating DPP shared secret(z) for non-association links
40326b60b17a RSNO: Allow OWE to be configured in RSN overrides in AP processing
acadef1b04d5 hostapd_cli: Open a new hostapd connection on ping failure when using -a
ac0d9bd80ec5 Add QCA vendor attributes to configure global TX chain mask
f5b8ef6c966a Add QCA vendor attributes for MSDU TX statistics
6c11fcefe4fc hostapd: Prevent blocking sends on control interface monitor socket
0bbb8a66f64c AP MLD: Remove redundant outer loop in hostapd_notif_disassoc_mld()
52fb5ccd91f3 AP MLD: Avoid using mld_id to identify partners
7bb930d50b5f wpa_supplicant: Add option to disable 80+80 MHz opclass advertisement
9001059bd6ad tests: Make dbus_connect_oom more robust
663fb1940231 AP MLD: Fix hostapd_is_mld_ap() check
590f3bdb4c61 AP MLD: Rename hostapd_is_mld_ap() to hostapd_is_multiple_link_mld()
b13b69a235f7 Add VLANID in the AP-STA-CONNECTED events
c1e8b1c6462b SAE: Assign VLAN when using PMKSA caching
9bc29dcdfdee SAE: Default password binding through control interface
9de127c31c40 tests: More testing coverage for SAE with multiple passwords
5ce1d4180386 nl80211: Fix crash by cancelling scan timeout before a BSS is removed
ca266cc24d87 nl80211: Fix crash by setting the drv->ctx properly

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2025-08-27 10:29:21 +02:00

116 lines
3.8 KiB
Diff
Raw Blame History

From: Felix Fietkau <nbd@nbd.name>
Date: Thu, 15 Dec 2022 13:57:04 +0100
Subject: [PATCH] hostapd: add support for automatically setting RADIUS own-ip
dynamically
Some servers use the NAS-IP-Address attribute as a destination address
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -2632,6 +2632,8 @@ static int hostapd_config_fill(struct ho
} else if (os_strcmp(buf, "iapp_interface") == 0) {
wpa_printf(MSG_INFO, "DEPRECATED: iapp_interface not used");
#endif /* CONFIG_IAPP */
+ } else if (os_strcmp(buf, "dynamic_own_ip_addr") == 0) {
+ bss->dynamic_own_ip_addr = atoi(pos);
} else if (os_strcmp(buf, "own_ip_addr") == 0) {
if (hostapd_parse_ip_addr(pos, &bss->own_ip_addr)) {
wpa_printf(MSG_ERROR,
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -312,6 +312,7 @@ struct hostapd_bss_config {
unsigned int eap_sim_db_timeout;
int eap_server_erp; /* Whether ERP is enabled on internal EAP server */
struct hostapd_ip_addr own_ip_addr;
+ int dynamic_own_ip_addr;
char *nas_identifier;
struct hostapd_radius_servers *radius;
int radius_require_message_authenticator;
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
@@ -602,6 +602,10 @@ int add_common_radius_attr(struct hostap
struct hostapd_radius_attr *attr;
int len;
+ if (hapd->conf->dynamic_own_ip_addr)
+ radius_client_get_local_addr(hapd->radius,
+ &hapd->conf->own_ip_addr);
+
if (!hostapd_config_get_radius_attr(req_attr,
RADIUS_ATTR_NAS_IP_ADDRESS) &&
hapd->conf->own_ip_addr.af == AF_INET &&
--- a/src/radius/radius_client.c
+++ b/src/radius/radius_client.c
@@ -165,6 +165,8 @@ struct radius_client_data {
*/
void *ctx;
+ struct hostapd_ip_addr local_ip;
+
/**
* conf - RADIUS client configuration (list of RADIUS servers to use)
*/
@@ -822,6 +824,30 @@ static void radius_close_acct_socket(str
/**
+ * radius_client_send - Get local address for the RADIUS auth socket
+ * @radius: RADIUS client context from radius_client_init()
+ * @addr: pointer to store the address
+ *
+ * This function returns the local address for the connection to the RADIUS
+ * auth server. It also opens the socket if it's not available yet.
+ */
+int radius_client_get_local_addr(struct radius_client_data *radius,
+ struct hostapd_ip_addr *addr)
+{
+ struct hostapd_radius_servers *conf = radius->conf;
+
+ if (conf->auth_server && radius->auth_sock < 0)
+ radius_client_init_auth(radius);
+
+ if (radius->auth_sock < 0)
+ return -1;
+
+ memcpy(addr, &radius->local_ip, sizeof(*addr));
+
+ return 0;
+}
+
+/**
* radius_client_send - Send a RADIUS request
* @radius: RADIUS client context from radius_client_init()
* @msg: RADIUS message to be sent
@@ -1733,6 +1759,10 @@ radius_change_server(struct radius_clien
wpa_printf(MSG_DEBUG, "RADIUS local address: %s:%u",
inet_ntoa(claddr.sin_addr),
ntohs(claddr.sin_port));
+ if (auth) {
+ radius->local_ip.af = AF_INET;
+ radius->local_ip.u.v4 = claddr.sin_addr;
+ }
}
break;
#ifdef CONFIG_IPV6
@@ -1744,6 +1774,10 @@ radius_change_server(struct radius_clien
inet_ntop(AF_INET6, &claddr6.sin6_addr,
abuf, sizeof(abuf)),
ntohs(claddr6.sin6_port));
+ if (auth) {
+ radius->local_ip.af = AF_INET6;
+ radius->local_ip.u.v6 = claddr6.sin6_addr;
+ }
}
break;
}
--- a/src/radius/radius_client.h
+++ b/src/radius/radius_client.h
@@ -274,6 +274,8 @@ int radius_client_register(struct radius
void radius_client_set_interim_error_cb(struct radius_client_data *radius,
void (*cb)(const u8 *addr, void *ctx),
void *ctx);
+int radius_client_get_local_addr(struct radius_client_data *radius,
+ struct hostapd_ip_addr * addr);
int radius_client_send(struct radius_client_data *radius,
struct radius_msg *msg,
RadiusType msg_type, const u8 *addr);
View git blame Copy permalink